It annoys me that in this “Web2.0″ world we seem to have turned the Internet into a great way of sharing data with other people, but nobody really seems to have found a sensible way to share data with ourselves. At work I have a USB memory stick and a USB portable HDD which I use to carry work around on. This is a bit daft considering pretty much every computer now has Internet access.
I’ve installed Dropbox on all my computers and have their free 2 gig account which does work rather well, but – and here’s another problem with the modern Internet – my data has to go and live “in the cloud”. I’d rather it didn’t, I want it on my computers.
In an attempt at solving this problem in a reasonably open-platform way (I have a Mac, a Linux server and a Windows 7 netbook) I’ve configured Apache and WebDAV. This should get around the problem of being behind firewalls and HTTP proxies unlike solutions that recommend rsync. I found some instructions online but didn’t like the way they wanted me to make a different password list, I want to use PAM.
So here’s what I did:
To begin, make sure you have a working Apache installation. Then install the following apache modules
sudo a2enmod dav_fs
sudo a2enmod dav
You will also need the following installing
libapache2-mod-authz-unixgroup – access control based on on unix group membership for Apache
pwauth – authenticator for mod_authnz_external and the Apache HTTP Daemon
Curiously you also need a script called ‘unixgroup’ which isn’t included in the pwauth package from Ubuntu. Visit the pwauth website and download the source. Untar it then copy the ‘unixgroup’ script to /usr/local/bin
Apache now needs configuring for DAV support so go and edit your apache config file for the relevant domain. I added the following to /etc/apache2/sites-available/default
You should probably create a new group for WebDAV to control which user accounts can log in. It might also be sensible to set this up on an SSL site so that Unix usernames and passwords don’t travel over the web unencrypted.
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
AddExternalGroup unixgroup /usr/local/bin/unixgroup
SetExternalGroupMethod unixgroup environment
Alias /dav "/data/documents/dav"
<Directory /data/documents/dav>
Options Indexes MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Location /dav/>
Dav on
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
GroupExternal unixgroup
AuthName "My Test"
Require group webdavusers
</Location> |
I also created the directory /data/documents/dav and gave the user www-data ownership and full read/write access to it
chown www-data:www-data /data/documents/dav
chmod 775 /data/documents/dav
You now need to restart Apache. Look in its error logs to see if there were any problems.
To quickly test whether this is working, install the program ‘cadaver’ and use it to connect to your webdav server:
sudo apt-get install cadaver
cadaver http://your-server.com/dav
you@yourserver:~$ cadaver http://your-server.com/dav
Authentication required for My Test on server `your-server':
Username: username
Password:
dav:/dav/> ls
Listing collection `/dav/': succeeded.
Coll: test 0 Apr 24 14:08
.DS_Store 6148 Apr 24 14:08
dav:/dav/> mkdir foo
Creating `foo': succeeded.
dav:/dav/> ls
Listing collection `/dav/': succeeded.
Coll: foo 0 Apr 24 14:14
Coll: test 0 Apr 24 14:08
.DS_Store 6148 Apr 24 14:08
dav:/dav/>
If all goes well you should be prompted for a password and then given a prompt. Try creating a folder. If anything goes wrong, look inside both your apache logs and your main system logs. I keep getting this printed in /var/log/messages but it doesn’t seem to mean anything failed:
Apr 24 14:08:45 monolith pwauth: pam_sm_authenticate: Called
Apr 24 14:08:45 monolith pwauth: pam_sm_authenticate: username = [james]
Apr 24 14:08:45 monolith pwauth: Passphrase file wrapped
If it works with cadaver, your Apache server is correctly working. You can now begin the fun of making other clients connect. The built in WebDAV support in OSX seems to be functional, if a little slow and prone to beachballs. I’ve yet to try the WebDAV support in Windows 7, if it’s anything like Windows XP I don’t give much hope and might instead try something like WebDrive.
Pingback: Set up WebDAV on Ubuntu with PAM | TurboLinux Blog